Re: Catalyst 6509 Switch access control [7:63358]

The 6509 with a switch supervisor and no msfc can restrict telnet with a VACL...if the switch has a MSFC then you can apply an ACL... Larry Letterman Network Engineer Cisco Systems - Original Message - From: Berman Andrew To: Sent: Wednesday, February 19, 2003 7:50 AM Subject:

Re: 100 Mbps on Cat3 or Cat4 [7:63310]

Jens Neelsen wrote: I suggest to test the following version if you use 10/100 switches: Set the switch to 10Mbps full duplex and leave the PC at AUTO. NO. *Don't* do that. If one end is fixed at the other at auto, the auto end will go to *half* duplex. Or at least is supposed to according

VLAN routing [7:63412]

Dear All, I am new newbie in VLAN routing and don't have enough equipments to test myself. If I have the following setup. The tagged port 1 need include vlan 1,2,3,4 or simply include vlan 1,2 to make all 4 VLANs routable? Similiar in tagged port2, include 1,2,3,4 or 3,4 only?

Re: SRB HSRP [7:62660]

Thanks Dave From: MADMAN Reply-To: [EMAIL PROTECTED] To: Simon Watson CC: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: SRB HSRP [7:62660] Date: Fri, 07 Feb 2003 15:34:50 -0600Hi, I would have to look at the DLSW redundancy configs to give you a diffinitive answer, (I can't memorize

Any help .....4003 gigabit module dropping connections.... [7:63416]

Hi, Could anyone please let me know if there is a known problem with the 4003 switch when using the WS-X4412-2GB-T Gigabit module, in that connections are dropped. I have being using the module with both Intel and 3COM 1gb cards and suffer lost connections with both types of cards. Is this a

RE: Windows Domain Access across WAN [7:63384]

Good Morning, I answered my own question. PSS ID Number: Q179442 Article last modified on 09-06-2001 :2000,4.0 == --- The information in this

RE: Any help .....4003 gigabit module dropping connections.... [7:63418]

Hi , If you have enough memory on the switch being around 64MB , then I suggest that you upgrade to a newer version of code , as the code you are using is very old and out dated now. You can go onto Cisco's web site and type in CAVEATS and your code , if there is such a current problem then

layer 3 switch [7:63407]

Hello All: Question - By default, out of the box, will a L3 switch simply act as a L2 switch? I am planning to purchase a Cisco 3550-12G, along with other fiber gigabit ready L2 switches for a LAN upgrade. The current LAN is one huge flat network with a mixture of hubs and switches. I plan to

RE: Traffic thru PIX [7:63347]

Do the following: 1 - Make sure that testpc (10.250.77.3) is configured with the default gateway of the inside interface of the pix firewall which in this case is 10.250.77.1 2 - paste these commands in your pix firewall access-list aclout permit icmp any any access-list aclin permit icmp any

Re: 100 Mbps on Cat3 or Cat4 [7:63310]

Thats the worst advice I have heard in a good while. Setting one end hard-set and the other to auto is asking for collision and FCS errors. Any time I have an FCS or collision issue its because of that issue... manually set both sides and you should be safe Larry Letterman Network Engineer

RE: Traffic thru PIX [7:63347]

Hi, You say you can't ping through pix. I imagine you mean from a PC on the inside network to the internet address on the outside network. Did you check your xlate table if it's doing the translation? (ie. show xlate). I also notice that you have a VPN, make sure that the address you ping isn't

Re: Any help .....4003 gigabit module dropping connections.... [7:63421]

Andy, Here is a link regarding this module and dropping packets with an INTEL Pro gig card. Relates to even, odd packet sizes. Fix is NIC driver update: http://www.cisco.com/warp/customer/770/fn13054.shtml HTH, -Bob Sinclair CCIE #10427, MCSE Senior Network Engineer Networking For Future,

Re: VLAN routing [7:63412]

By default a trunk port will carry all VLANs, which it will need to do in the setup you have illustrated. If you prune the other VLANs at the second switch, the users in VLANs 3 and 4 on the third switch will be cut off. Happy World wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]...

Re: layer 3 switch [7:63407]

wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello All: Question - By default, out of the box, will a L3 switch simply act as a L2 switch? The Cisco 3550 series switches can act as an L2 only device out of the box. No configuration required on your part. Well, stick in the

Re: layer 3 switch [7:63407]

Just set the 3550 as a VTP client in your current domain and it will just be a layer 2 device. Or order it with the SMI software load rather than the EMI. wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello All: Question - By default, out of the box, will a L3 switch simply

Re: layer 3 switch [7:63407]

Robert Edmonds wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Just set the 3550 as a VTP client in your current domain and it will just be a layer 2 device. Or order it with the SMI software load rather than the EMI. note - the 3550-12G and 12T come only with the EMI image.

Network Protocol Map [7:63424]

Does anyone have or know of a site with a network protocol map / chart (that I can print out). I am after a kind of wall chart that shows where protocols fit within 7 layer OSI model. I do not want to have pay anything, preferabbly. (Thanks in advance). Message Posted at:

CCIE SECURITY [7:63425]

Dear members Once you have completed the written , how long do you get to prepare for the LAB ? Suranjith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63425t=63425 -- FAQ, list archives, and subscription info:

RE: CCIE SECURITY [7:63425]

You get one year from passing your written till sitting the exam. Suranjith Ariyapperuma wrote: Dear members Once you have completed the written , how long do you get to prepare for the LAB ? Suranjith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63426t=63425

upgrade to firmware 12 [7:63430]

Hello I tried today to upgrade our Cisco APs 350 and Cisco Bridges 350 to the new version firmware 12 AP 350 I upgrade it was ok but when I upgrade the bridge 350, I couldnt any more access it from the web browser and this bridge dose association with the other bridge but without ip address so I

RE: Question about CCIE written [7:63396]

Just an FYI on waiting to take the lab. http://www.cisco.com/en/US/learning/le3/le11/learning_ccie_lab_exam_policies .html Written Exam Expiry Candidates must attempt the CCIE Lab exam within 18 months of passing the CCIE Qualification exam. After the first lab attempt, candidates must attempt

Re: can u summarize area 0 [7:63365]

That question was on my notes last days. I did a lab, because I never saw the efect of area 0 summarization. Area 0 networks are forwarded to other areas (if the other areas are normal areas - no stub). So, if you do not summarize, area 1routers (for example) will receive IA routes from area

Re: CCIE SECURITY [7:63425]

18 months Suranjith Ariyapperuma wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Dear members Once you have completed the written , how long do you get to prepare for the LAB ? Suranjith Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63433t=63425

RE: CCIE SECURITY [7:63425]

18 months to sit the exam, up to 3 years total to pass Peter Walker --On 20 February 2003 16:30 + Troy Leliard wrote: You get one year from passing your written till sitting the exam. Suranjith Ariyapperuma wrote: Dear members Once you have completed the written , how long

Re: layer 3 switch [7:63407]

The 3550 models are L2 switches by default. -Bob - Original Message - From: To: Sent: Thursday, February 20, 2003 10:09 AM Subject: layer 3 switch [7:63407] Hello All: Question - By default, out of the box, will a L3 switch simply act as a L2 switch? I am planning to purchase a

Re: RE: Traffic thru PIX [7:63347]

access-group name in interface if_name I garantee this will do it for you. From: Albert Lu Date: 2003/02/20 Thu AM 10:10:09 EST To: [EMAIL PROTECTED] Subject: RE: Traffic thru PIX [7:63347] Hi, You say you can't ping through pix. I imagine you mean from a PC on the inside network to

Re: layer 3 switch [7:63407]

By default, all 3550 acts as a layer-2 switch. In order to provide layer-3 routing, you will have to put on the ip routing on the global configuration mode. Also, All interfaces on the boxes are set as layer-2 switch (no ip address). Thomas wrote in message [EMAIL PROTECTED]">news:[EMAIL

Re: layer 3 switch [7:63407]

Well you would have to setup the routing tables anyway with your specific ip info. No router can route for you unless you tell it how. A switch however can switch with no intervention. So to answer your question, no. From: [EMAIL PROTECTED] Date: 2003/02/20 Thu AM 10:09:44 EST To:

can't ping my own interfaces?? [7:63437]

Hello All, I'm quite perplexed, please help out if you can! My PC has two ethernet cards. One is connected to a Linksys Router, which is connected to a cable modem for internet access. The other ethernet card is plugged into a 2924XL cisco switch. 1. I can ping the cable modem and access the web

RE: Network Protocol Map [7:63424]

Try, http://www.sniffer.com/, then select Free Protocol Poster from the Quick Links pull down menu. Hope that helps. -Original Message- From: Peter P [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 20, 2003 7:53 AM To: [EMAIL PROTECTED] Subject: Network Protocol Map [7:63424]

RE: can u summarize area 0 [7:63365]

This is something we discussed on groupstudy a while back. IIRC, the area 0 range command will work, and you can summarize backbone routes as they're advertised to other areas. The question is, why? (other than to satisfy a bass-ackwards lab requirement) If your IP addressing has been designed

Re: Catalyst 6509 Switch access control [7:63358]

Thanks. Yes, indeed it does have MSFCs. But if I just put ACLs in the MSFC won't I be merely preventing telnet to the MSFCs and not to the switch itself? The MSFC can be reached by direct telnet to its own IP address or by telneting to the switch and then issuing a session 15 command. I think

telnet with mac address [7:63440]

Hello Could you help please? How I can telnet a bridge 350 with his MAC address not with IP address Thank you hanan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63440t=63440 -- FAQ, list archives, and subscription info:

RE: Network Protocol Map [7:63424]

At 7:00 PM + 2/20/03, Arcibal Jr, Mario wrote: Try, http://www.sniffer.com/, then select Free Protocol Poster from the Quick Links pull down menu. Hope that helps. I would urge anyone getting the average OSI poster to revise it to reflect developments in protocol architecture since 1984,

Different usename n pwd for PAP and CHAP [7:63442]

Hi I am having this question. When configuring the username and password for PAP n CHAP, i am giving different username n password. Is there any customer scenario where this kind of situation is there? Also does the ISP provide different username n password for different authentication types

3600 Network Module 1FE-TX [7:63443]

Hey Guys. Whats the difference between these two 3600 Modules 1FE-TX and 1FE-FX Whenever the word FX comes in, does it mean fiber? thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63443t=63443 -- FAQ, list

Re: Catalyst 6509 Switch access control [7:63358]

Sorry about thatI sometimes forget that most people are running hybrid, since we run all our sup/msfc devices natively.. Troy's solution is in fact a great way to lock it down... -- Larry Letterman Network Engineer Cisco Systems Berman Andrew wrote in message [EMAIL

RE: telnet with mac address [7:63440]

hanan wrote: Hello Could you help please? How I can telnet a bridge 350 with his MAC address not with IP address No. Telnet runs above TCP/IP. When you Telnet to something you tell your Telnet software the IP address (or domain name) of the thing you are Telnetting to. There's no workaround

Frame-Relay issue [7:63446]

Hi All Hey I am facing a strange problem in frame-relay My config -- my initial config int serial 0 (nothing confgured initially) Then I cut paste this config and my link does not come up means Interface does not come up. interface Serial0 shut (if i give here no shut then link comes

Connecting Console cable [7:63447]

I wish to gain access to a router console but it's in the server room while I am outside. Is it possible to do something like that:, Diagram-wise: Router---Switch---PatchPanel---User wall I/O---Computer I mean, just the way a user would be connected to the router ethernet port, i want to connect

30% of BW for custom-queue-list - How much? [7:63448]

Hello,If the requirement is to configure 30% of the bandwidth on the serial port (1.544MB) for ipx traffic, how much will that be?I calculated (1.544 X 1024)/(30/100)? Is this how it's done or is there a right way to do this to get the actual value?Thank you.Sincerely,CN

Re: 3600 Network Module 1FE-TX [7:63443]

Hey Guys. Whats the difference between these two 3600 Modules 1FE-TX and 1FE-FX Whenever the word FX comes in, does it mean fiber? thank you. The specification for FastEthernet over unshielded twisted pair cable is 100Base-TX, while the specification for FastEthernet over fiber is

RE: Frame-Relay issue [7:63446]

I would check your settings such as the LMI type, Have you done any other fault finding yet ? Such as sh frame relay pvc ? Once you hit no shutdown, the interface becomes live in a way of speaking. Here is an example of one of my configs. interface Serial0/0 no ip address encapsulation

Re: 3600 Network Module 1FE-TX [7:63443]

100 base fiber...or 100FX means fast ethernet over MM fiber usually.. Larry Letterman Network Engineer Cisco Systems - Original Message - From: SamN To: Sent: Thursday, February 20, 2003 1:49 PM Subject: 3600 Network Module 1FE-TX [7:63443] Hey Guys. Whats the difference between

Looking for a really good NAT book [7:63452]

Any recommendations for a really good NAT book? Dorothy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63452t=63452 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and

Re: Frame-Relay issue [7:63446]

enter the no shut command into your cut and paste script for the Int Ser0 and it will come up..all interfaces in a router are always defaulted to shutdown..In your case the Main interface needs to be no shut in order for the logical interface to work... -- Larry Letterman Network Engineer Cisco

Re: Connecting Console cable [7:63447]

install a connection from the router console port to your desk...thru patch panels or something similar and connect the router end with a cisco blue or black rollover cable and you have a local console connection... or setup a terminal server with 2511/2621 type router that supports reverse

RE: 30% of BW for custom-queue-list - How much? [7:63448]

Cisco Nuts wrote: Hello,If the requirement is to configure 30% of the bandwidth on the serial port (1.544MB) for ipx traffic, how much will that be?I calculated (1.544 X 1024)/(30/100)? Is this how it's done or is there a right way to do this to get the actual value?Thank you.Sincerely,CN

GE connect to FE [7:63457]

Dear All, In genearl, is it possible to connect the 1000BaseSX to 100BaseFX using the MMF? Thanks your help. rgds, Happy World Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63457t=63457 -- FAQ, list archives, and subscription

ADSL and PIX puzzle [7:63458]

Hello networkers, I am trying to conjure up a working config for an ADSL link with static IPs for a 827 series router, these public IPs are supposed to point to, say a webserver, that sits behind a pix firewall (which is directly connected to 827 router4s ethernet interface), problem is when I

Re: Frame-Relay issue [7:63446]

Hi Larry/John, I forgot to mention no shut in the above confif while writing here, Its still there and connection does not come out See I mentioned that while giving command by command manually connection comes out. It seems to me that while the interface is down during that frame-relay LMIs think

Effect of Multipoint config on point-to-point [7:63460]

Hi Again , A new small query on frame-relay itself. Is the config below valid and can it be used having both Multipoint on main interface and poin-to-point sub interface simutaneusly. int serial 0 encap frame-relay ip address frame-relay interface-dlci 16 int serial 0/0.2 multi ip address

ISS Real Secure Vs Cisco IDS [7:63461]

Hello all, My company is thinking about installing an IDS (dedicated appliance type) for our network. As far as I know, the Real Secure and the Cisco IDS are two biggest names out there. So I checked out the documents and white papers provided by the each company, but I couldn't really come up

Re: Looking for a really good NAT book [7:63452]

You don't need a book for NAT. Doyle's routing TCP/IP Vol II have a very good chapter about NAT. Cheers - Original Message - From: D Edmondson To: Sent: Friday, February 21, 2003 6:46 AM Subject: Looking for a really good NAT book [7:63452] Any recommendations for a really good NAT

MAC address filtering [7:63463]

Do Cisco routers perform MAC Address/layer 2 filtering with their access lists? or only ip filtering? Thanks :-) Jarred Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63463t=63463 -- FAQ, list archives, and subscription info:

Cisco's Web Team - They want your input ????????? [7:63464]

Dear Cisco.com Advisor, You are receiving this email because you have previously participated in user research for Cisco.com, and you indicated it would be okay to contact you regarding future research. Last fall we launched a new version of Cisco's home page. We've been listening to customer

RE: Ping ethernet interface with datagram over 150 [7:63085]

Hello Priscilla, Thank you very much for your feedback! I am yet to try the protocol analyzer... mostly because I don:t have one. But I DO have a sort of packet sniffer, maybe I can find out something with that. Debug command, I think I need somebody on the other side to send me ping packets

cisco 2950 and trunk negotiation [7:63466]

Hi, Any one else noticed that on the 2950, and I guessing other catalyst low end switch's, that one cant define the encapsulation of the trunk link. Yes it will auto negotiate, however I feel that control has been pulled away from me. I also dont like on the 4006, that you can only define this

Re: ISS Real Secure Vs Cisco IDS [7:63461]

One fact to take in account, Cisco's IDS can interact with a router or a Pix (assuming the said router/pix is between the IDS and the public network) and modify acl for incoming traffic to deny IP traffic from intruder's IP address, you can set up how much time the intruder's IP will be blocked.

Re: cisco 2950 and trunk negotiation [7:63466]

I read somewhere on cisco.com that the 2950s do not support ISL (it's true, I tested it) the 2912 and 2924 series support both (2916M need a special module for trunk), an the 1900XL series just support ISL (also tested). I'm not sure about the 2820 series but as I think they woul have the same

Lost Switch [7:63469]

Our group got a support call that a port wasn't working on a switch. A colleague started looking into the case and found that he couldn't connect to the switch. (or ping etc) He was able to get to another switch which is directly connected. Using CDP he was able to see that the switch is

Off Topic - some Token Ring equipment available [7:63470]

it's token ring, but you can still practice a lot of stuff. great starter kit, or add ports to your existing rack. offered here before I put it out to that auction site. send me an e-mail with the words Token Ring in the subject line, and you will get a description of the items. Chuck --

RE: Lost Switch [7:63469]

That blows!! Uh, can you give me a clue as to which model switch you are talking about? Maybe a secondary address on the port going to the second switch, with the wrong address as the secondary? Does it have trunking to the second switch? Can you put yourself in the vlan with the switch and

RE: Lost Switch [7:63469]

How were you able to get to the directly connected switch? What device are you using to talk to it and what is its IP address and subnet mask? Depending on where you are, you could set your own address to something like 10.235.1.1/8 to get to the good switch. Then change the good switch to use a

RE: ISS Real Secure Vs Cisco IDS [7:63461]

I use ISS, NFR and Checkpoint for IDS stuff but am looking into doing Cisco IDS on CAT 6500 stuff. I would get all of 'em if you can afford it. Each has missed stuff and has faults in one way or another. I tried the Cisco stuff 2 years ago and thought it was at the bottom of the heap then. Am

RE: Lost Switch [7:63469]

Yep. I forgot about that trick. If he is on the same vlan and can arp with it, I would just setup a laptop with the same network range and go from there actually. Scotty Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63475t=63469

Re: ADSL and PIX puzzle [7:63458]

Change this: ip nat inside source static tcp 192.168.1.30 80 200.10.15.189 80 extendable to something like: ip nat inside source static tcp 192.168.0.30 80 200.10.15.189 80 extendable -The inside from the 827's perspective needs to be something in the 192.168.0.x address space And change

Anyone has any spare 3550 that they don't need [7:63477]

Hello all, I am currently looking for a 3550-24 switch for my lab, if anyone has any spare that they no longer needs, please let me know =) Best Regards, Hunt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63477t=63477 -- FAQ,

RE: 30% of BW for custom-queue-list - How much? [7:63448]

I'll take another stab at an answer. Cisco Nuts wrote: Hello,If the requirement is to configure 30% of the bandwidth on the serial port (1.544MB) for ipx traffic, how much will that be?I calculated (1.544 X 1024)/(30/100)? Your bandwidth is 1.544 x 1000 x 1000 = 1,544,000 bits per

RE: Lost Switch [7:63469]

Scott Nelson wrote: Yep. I forgot about that trick. If he is on the same vlan and can arp with it, I would just setup a laptop with the same network range and go from there actually. Oh, that's a good point. If the switch he can get to is just a L2 switch, it doesn't care. :-) So

RE: ADSL and PIX puzzle [7:63458]

A Couple of pointers from my humble experience (granted this is also provided from a very tired engineer that needs to go to bed :) ): Put 200.10.10.36/30 on the Dialer Interface. ... I think you need to be using the VPDN Group commands to get the DSL working. There are a couple of ways to

RE: ADSL and PIX puzzle [7:63458]

Just subnet your class c address space into 2 subnets. Make one of them the outside of the router, and one of them on the inside of the router, outside of pix, and just make sure your subnetted network has enough addresses for inside of the router, outside of pix, pix global address, and any

RE: Frame-Relay issue [7:63446]

in show ip interface it shows as protocol down , physical link up. sh frame-relay pvs shows as inactive.no lmi are exchanged. Usually Protocol Down, Link Up indicates that you have mismatched encapsulation, LMI-Type, or even incorrect IP Addressing (wrong Subnet or incorrect Subnet Mask) between